Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware.
\nThe DomainTools Investigations (DTI) team said it identified “malicious multi-stage downloader Powershell scripts” hosted on lure websites that masquerade as Gitcode and DocuSign.
\n“<\/p>","protected":false},"excerpt":{"rendered":"
Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport…<\/p>\n","protected":false},"author":1,"featured_media":403,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"saved_in_kubio":false,"footnotes":""},"class_list":["post-402","page","type-page","status-publish","has-post-thumbnail","hentry"],"kubio_ai_page_context":{"short_desc":"","purpose":"general"},"_links":{"self":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages\/402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=402"}],"version-history":[{"count":0,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/pages\/402\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/infosec-daily.com\/index.php?rest_route=\/wp\/v2\/media\/403"}],"wp:attachment":[{"href":"https:\/\/infosec-daily.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}